This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft File: okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft (raw, json) Hash identifier: 6GpzUgun94cdMWEZRJvCHswjsjhYqToKPKZx79FhCFk= Subject key identifier: 84:CE:63:8E:33:AE:51:90:B5:DE:1D:8B:BD:A9:2B:49:0C:87:2D:1F Authority key identifier: A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B Certificate issuer: /CN=a24357be1958796b12c42b4f4cac51b83de8fd2b Certificate serial: 019B1BA992C3906F729E7B8AED6090DCBB3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft Manifest number: 022D Signing time: Sun 14 Dec 2025 07:00:56 +0000 Manifest this update: Sun 14 Dec 2025 07:00:56 +0000 Manifest next update: Mon 15 Dec 2025 07:00:56 +0000 Files and hashes: 1: dV2LrBjIlql28uwMDcJVQI6s6A8.roa (hash: F8uj/t68nQ3cbE2EUpzLNyfLklCyKLVmpdDgkWw1Qw4=) 2: okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl (hash: CfgyyDl5uQLddxUeYQMtgr4aEl10ZciUgnfrbriqOAw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1b:a9:92:c3:90:6f:72:9e:7b:8a:ed:60:90:dc:bb:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a24357be1958796b12c42b4f4cac51b83de8fd2b Validity Not Before: Dec 14 07:00:56 2025 GMT Not After : Dec 15 07:00:56 2025 GMT Subject: CN=84ce638e33ae5190b5de1d8bbda92b490c872d1f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:9c:e5:4a:e0:21:c2:85:b5:00:38:2b:05:0b: 77:b3:52:55:ed:a4:a2:85:32:e5:89:54:56:9f:5e: f2:af:24:34:80:09:2b:9d:4d:c5:8e:05:15:25:95: a9:62:27:3e:58:8b:7d:42:51:99:2f:55:6a:0c:b6: da:30:6b:f7:c3:ee:68:c9:21:cd:b1:00:58:c2:ed: ad:2e:95:c6:6d:e1:f0:57:94:fd:23:04:43:60:04: 8a:b1:89:57:78:71:31:5e:e1:52:aa:5d:6b:68:11: b9:91:22:d9:b4:e8:4c:1f:cd:9c:26:62:a6:9d:15: 67:1b:a3:a9:b6:fd:d8:72:d8:3e:75:b8:24:e4:fa: ef:47:39:66:e5:03:f4:dd:ac:00:39:db:ec:2e:9d: bc:0c:07:17:69:57:9b:d4:b5:3f:37:5f:d5:e9:e4: 4a:66:30:dd:08:9b:f7:60:06:3b:b2:ad:2d:37:44: cd:96:26:ef:e2:04:ff:ca:3d:2a:72:71:ee:fc:5d: 96:84:45:d2:b8:0a:35:ab:f1:db:34:26:2a:80:e3: 24:29:b4:cd:4a:d0:5a:e6:01:b9:ed:0e:9d:80:68: 91:fe:33:2d:a9:7b:19:7f:59:d6:c3:a9:03:6b:58: 84:ac:a7:35:dd:74:e0:b2:fe:a0:0e:13:4d:4e:a8: e7:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:CE:63:8E:33:AE:51:90:B5:DE:1D:8B:BD:A9:2B:49:0C:87:2D:1F X509v3 Authority Key Identifier: keyid:A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:47:89:3d:10:6d:26:1d:41:56:f0:cf:d0:5e:10:0c:4f:c6: 15:4c:11:a3:8c:5e:59:b9:85:ff:70:93:4b:2d:7e:59:2c:a5: 23:93:66:60:35:a1:d5:fa:52:d0:db:3a:72:fb:e8:91:14:77: e3:e2:4a:97:f0:40:65:86:17:fd:41:f7:5a:44:21:c1:4c:dc: 04:f7:7d:a9:d3:bb:9a:15:6c:06:44:63:5d:cd:4a:f8:01:bd: 49:bc:1b:26:b5:cf:88:35:d6:f5:f3:30:5c:d9:11:38:0a:6f: 25:74:02:25:93:38:28:fb:14:f5:3b:eb:4c:f6:a2:23:72:9a: cc:d7:95:28:c8:8c:81:f5:c5:6e:ce:aa:b7:25:a1:f8:ee:4f: 55:b6:5d:f8:33:3d:89:a3:53:c3:b9:20:da:32:db:03:f3:ac: 50:ca:52:83:ba:d4:bd:e1:dd:0d:91:d4:95:16:55:9c:16:aa: 49:c4:e8:ad:36:b4:0e:cf:c3:59:b7:e9:86:5e:5d:36:56:d3: 1a:d8:eb:b6:b7:0e:85:af:74:ca:3c:13:ac:22:0a:4c:fe:cd: 08:41:37:55:36:ff:8d:6c:ed:0c:b5:95:2d:dc:7b:fc:42:77: b7:22:06:a8:32:58:ad:e1:02:72:88:0f:c9:9c:b2:71:7e:6c: 56:05:bd:47 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsbqZLDkG9ynnuK7WCQ3Ls6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyNDM1N2JlMTk1ODc5NmIxMmM0MmI0ZjRjYWM1MWI4M2Rl OGZkMmIwHhcNMjUxMjE0MDcwMDU2WhcNMjUxMjE1MDcwMDU2WjAzMTEwLwYDVQQD Eyg4NGNlNjM4ZTMzYWU1MTkwYjVkZTFkOGJiZGE5MmI0OTBjODcyZDFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JzlSuAhwoW1ADgrBQt3s1JV7aSi hTLliVRWn17yryQ0gAkrnU3FjgUVJZWpYic+WIt9QlGZL1VqDLbaMGv3w+5oySHN sQBYwu2tLpXGbeHwV5T9IwRDYASKsYlXeHExXuFSql1raBG5kSLZtOhMH82cJmKm nRVnG6Optv3Yctg+dbgk5PrvRzlm5QP03awAOdvsLp28DAcXaVeb1LU/N1/V6eRK ZjDdCJv3YAY7sq0tN0TNlibv4gT/yj0qcnHu/F2WhEXSuAo1q/HbNCYqgOMkKbTN StBa5gG57Q6dgGiR/jMtqXsZf1nWw6kDa1iErKc13XTgsv6gDhNNTqjnqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFITOY44zrlGQtd4di72pK0kMhy0fMB8GA1UdIwQY MBaAFKJDV74ZWHlrEsQrT0ysUbg96P0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMt M2YzY2MxZTU3M2ZkLzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMtM2YzY2MxZTU3M2Zk LzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVkeJPRBt Jh1BVvDP0F4QDE/GFUwRo4xeWbmF/3CTSy1+WSylI5NmYDWh1fpS0Ns6cvvokRR3 4+JKl/BAZYYX/UH3WkQhwUzcBPd9qdO7mhVsBkRjXc1K+AG9SbwbJrXPiDXW9fMw XNkROApvJXQCJZM4KPsU9TvrTPaiI3KazNeVKMiMgfXFbs6qtyWh+O5PVbZd+DM9 iaNTw7kg2jLbA/OsUMpSg7rUveHdDZHUlRZVnBaqScTorTa0Ds/DWbfphl5dNlbT GtjrtrcOha90yjwTrCIKTP7NCEE3VTb/jWztDLWVLdx7/EJ3tyIGqDJYreECcogP yZyycX5sVgW9Rw== -----END CERTIFICATE-----Generated at Sun Dec 14 14:08:07 2025 by rpki-client